CONTEXT-AWARE ROLE-BASED ACCESS CONTROL SYSTEM AND CONTROL METHOD THEREOF
Abstract
A context-aware role-based access control system and a control method thereof. The context-aware role-based access control system includes: a context-aware user assignment manager (CAUAM) for performing a role assignment function, a role delegation function, or a role revocation function for a user according to a context of the user, based on a preset context request condition; a context-aware permission assignment manager (CAPAM) for performing a permission modification, a permission restoration, and a personalized permission modification for a permission, which the role has, according to changes in the context of the user; an information repository for storing a user profile and context information; and an access control manager (ACM) for controlling the context-aware user assignment manager, the context-aware permission assignment manager, and the information repository, and processing an access control request. Accordingly, more efficient access control can be achieved in ubiquitous environments where the context of the user dynamically changes.
16 Claims
1. A context-aware role-based access control system comprising:
- a context-aware user assignment manager (CAUAM) for performing a role assignment function, a role delegation function, or a role revocation function for a user according to a context of the user, based on a preset context request condition;
- a context-aware permission assignment manager (CAPAM) for performing a permission modification, a permission restoration, and a personalized permission modification for a permission, which the role has, according to changes in the context of the user;
- an information repository for storing a user profile and context information; and
- an access control manager (ACM) for controlling the context-aware user assignment manager, the context-aware permission assignment manager, and the information repository, and processing an access control request.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 16
12. A control method of a context-aware user assignment manager (CAUAM) in a context-aware role-based access control system, the method comprising the steps of:
- assigning a role to a user based on a first context request condition, which is preset to grant the user a role according to information on a location and a state of the user;
- checking if a second context request condition, which is preset for a context in which the role of the user is to be delegated to a different user, is satisfied;
- creating a user assignment element (UAE) which includes delegator information and a delegator's role when the second context request condition is satisfied as a result of the check;
- updating a user assignment table (UAT) with the created user assignment element, and delegating the role to the different user;
- determining if the assigned or delegated role coincides with the preset context request condition; and
- revoking the assigned or delegated role when the assigned or delegated role does not coincide with the preset context request condition as a result of the determination.
Dependent claims: 13
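The steps of claim 12 (assign, delegate through a UAE written to the UAT, re-check, revoke) can be followed in the Python example below, which is added here and is not code from the patent. The class layout, the per-role condition tables, the hospital policy and user names, and the choice to revoke when a user's context is unknown are all assumptions.

```python
from dataclasses import dataclass
from typing import List, Optional

@dataclass(frozen=True)
class UAE:
    """User assignment element: one row of the user assignment table (UAT)."""
    user: str
    role: str
    delegator: Optional[str] = None       # set only for delegated roles
    delegator_role: Optional[str] = None

class CAUAM:
    def __init__(self, first: dict, second: dict):
        self.first, self.second = first, second  # role -> condition(context) -> bool
        self.uat: List[UAE] = []

    def assign(self, user: str, role: str, ctx: dict) -> bool:
        ok = self.first[role](ctx)               # first condition, user's context
        if ok:
            self.uat.append(UAE(user, role))
        return ok

    def delegate(self, src: str, dst: str, role: str, ctx: dict) -> bool:
        holds_role = any(e.user == src and e.role == role for e in self.uat)
        ok = holds_role and self.second[role](ctx)  # second condition, delegator's context
        if ok:
            self.uat.append(UAE(dst, role, delegator=src, delegator_role=role))
        return ok

    def reevaluate(self, contexts: dict) -> List[UAE]:
        """Revoke every row whose condition no longer holds; return those rows."""
        def holds(e: UAE) -> bool:
            cond = self.second if e.delegator else self.first
            ctx = contexts.get(e.delegator or e.user)  # unknown context: fail closed
            return ctx is not None and cond[e.role](ctx)
        revoked = [e for e in self.uat if not holds(e)]
        self.uat = [e for e in self.uat if holds(e)]
        return revoked

# Constructed sample policy and users, not taken from the patent.
def present(c): return c.get("location") == "hospital"
def in_surgery(c): return present(c) and c.get("state") == "in_surgery"

def demo() -> List[UAE]:
    m = CAUAM({"attending": present}, {"attending": in_surgery})
    busy = {"location": "hospital", "state": "in_surgery"}
    m.assign("alice", "attending", busy)
    m.delegate("alice", "bob", "attending", busy)
    done = {"location": "hospital", "state": "on_duty"}
    return m.reevaluate({"alice": done})  # surgery over: Bob's row is revoked
```

In this sample policy the delegation condition implies the assignment condition, so a delegated row can never outlive the delegator's own row; a policy without that property would also need to cascade revocation from delegator to delegatee.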
14. A control method of a context-aware permission assignment manager (CAPAM) in a context-aware role-based access control system, the method comprising the steps of:
- assigning or delegating, by a context-aware user assignment manager, a role suitable for a context of a user;
- checking if an operation of a permission, which the assigned or delegated role has, corresponds to a third context request condition which is preset according to contexts requiring modification;
- modifying the operation of the permission according to the third context request condition, when the operation of the permission corresponds to the third context request condition as a result of the check;
- determining if the modified permission coincides with the third context request condition;
- reading the pre-modification permission from a permission queue (PQ), when the modified permission does not coincide with the third context request condition as a result of the determination; and
- updating a permission assignment table with the pre-modification permission, and restoring the operation of the permission to an original state.
Dependent claims: 15
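The modify-and-restore cycle of claim 14 is shown in the Python example below, which is added here and is not code from the patent. It assumes one CAPAM instance per user session, at most one rule per (role, object) pair, operations modelled as sets, and a constructed nurse/ward policy; the repeated context update in `demo` shows why the original permission is saved to the PQ only once.

```python
from collections import deque
from dataclasses import dataclass
from typing import Callable, Dict, FrozenSet, Tuple

Key = Tuple[str, str]  # (role, object)

@dataclass(frozen=True)
class Rule:
    """A third context request condition and the operations it imposes."""
    key: Key
    applies: Callable[[dict], bool]
    operations: FrozenSet[str]

class CAPAM:
    def __init__(self, pat: Dict[Key, FrozenSet[str]], rules):
        self.pat = dict(pat)     # permission assignment table
        self.rules = list(rules)
        self.pq = deque()        # permission queue: (rule, pre-modification ops)

    def on_context(self, ctx: dict) -> None:
        """Apply one context update: restore stale modifications, then modify."""
        active = deque()
        for rule, original in self.pq:
            if rule.applies(ctx):
                active.append((rule, original))   # modification still required
            else:
                self.pat[rule.key] = original     # restore from the PQ
        self.pq = active
        modified = {rule.key for rule, _ in self.pq}
        for rule in self.rules:
            if rule.key in self.pat and rule.key not in modified and rule.applies(ctx):
                self.pq.append((rule, self.pat[rule.key]))  # save the original first
                self.pat[rule.key] = rule.operations
                modified.add(rule.key)

    def allowed(self, role: str, obj: str, op: str) -> bool:
        return op in self.pat.get((role, obj), frozenset())

# Constructed sample policy, not taken from the patent.
RECORD = ("nurse", "patient_record")
OFF_WARD = Rule(RECORD, lambda c: c.get("location") != "ward", frozenset({"read"}))

def demo() -> list:
    m = CAPAM({RECORD: frozenset({"read", "write"})}, [OFF_WARD])
    seen = []
    for loc in ("ward", "cafeteria", "cafeteria", "ward"):
        m.on_context({"location": loc})
        seen.append(m.allowed("nurse", "patient_record", "write"))
    return seen
```

Because the sample rule tests `!= "ward"`, a context update with no location at all keeps the permission in its restricted form.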
Specification